由于 AddAuthorization 基本上是在后台配置AuthorizationOptions，我遵循相同的模式，只是使用OptionsBuilder来配置具有依赖项的选项我创建了自己的接受依赖关系的AddAuthorization方法: public static IServiceCollection AddAuthorization<TDep>( this IServiceCollection services, Action<AuthorizationOptions, TDep> configure) where TDep : class { services.AddOptions<AuthorizationOptions>().Configure<TDep>(configure); return services.AddAuthorization(); }现在我可以使用它来正确配置需求:services.AddAuthorization<IEmployeeProvider>((options, employeeProvider> =>{ options.AddPolicy("Founders", policy => policy.RequireClaim("EmployeeNumber", employeeProvider.GetAuthorizedEmployeeIds()) );});如果需要更多的依赖项(OptionsBuilder.Configure最多支持5个依赖项)，则可以采用相同的技术很明显，此解决方案在升级到更新的ASP版本时需要额外的验证，因为AddAuhtorization的基础实现可能会发生变化I want to create a claim based authorization for my ASP.NET Core app:public void ConfigureServices(IServiceCollection services){ services.AddAuthorization(options => { options.AddPolicy("Founders", policy => policy.RequireClaim("EmployeeNumber", "1", "2", "3", "4", "5")); });}The problem is that I have a non trivial method to resolve the employee numbers (1 to 5) and I want to use a DI service:public interface IEmployeeProvider { string[] GetAuthorizedEmployeeIds();}I would like to inject this service and use it in AddPolicy, something like:services.AddAuthorization(options =>{ options.AddPolicy("Founders", policy => policy.RequireClaim("EmployeeNumber", *employeeProvider.GetAuthorizedEmployeeIds()));});NoteI know that I can write my own AuthorizationHandler where I can easily inject IEmployeeProvider but I'm against this pattern because:There is a already a handler that does exactly what I needI need to write a new handler for each claim type and each different requirementThis is an anti pattern because the employee ids should really be part of the requirement while the handler should be generic component that handles the requirementsSo I'm looking for a way to inject services when the policy is being built 解决方案 Thanks to Nkosi for the tip!Since AddAuthorization is basically configuring AuthorizationOptions behind the scenes, I followed the same pattern only I used OptionsBuilder to configure options with dependenciesI created my own AddAuthorization method that accepts dependencies: public static IServiceCollection AddAuthorization<TDep>( this IServiceCollection services, Action<AuthorizationOptions, TDep> configure) where TDep : class { services.AddOptions<AuthorizationOptions>().Configure<TDep>(configure); return services.AddAuthorization(); }And now I can use it to properly configure the requirement:services.AddAuthorization<IEmployeeProvider>((options, employeeProvider> =>{ options.AddPolicy("Founders", policy => policy.RequireClaim("EmployeeNumber", employeeProvider.GetAuthorizedEmployeeIds()) );});You can follow the same technique if you need more dependencies (OptionsBuilder.Configure supports up to 5 dependencies)Obviously, this solution requires extra validation when upgrading to newer ASP versions, as the underlying implementation of AddAuhtorization may change 这篇关于对授权策略的依赖注入的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！ 上岸，阿里云！